67e8a7ce13
Changing CHANNELS_FILE option type
...
Co-Authored-By: pkb1s <petkoutroubis@gmail.com >
2018-10-28 18:08:12 +00:00
f51a95465e
Changed http to https in metasploit url
...
Co-Authored-By: pkb1s <petkoutroubis@gmail.com >
2018-10-28 18:07:20 +00:00
a6135e3738
Added "increase timeout" message
2018-10-28 17:48:15 +00:00
02d9d0f006
Add IBM WebSphere MQ Queue Manager Name and MQ Version Enumeration module
...
Run this auxiliary against the listening port of an IBM MQ Queue Manager to identify its name and version. Any channel type can be used to get this information as long as the name of the channel is valid.
* IBM Downloads page: https://developer.ibm.com/messaging/mq-downloads/
* Tested on IBM MQ 7.5, 8 and 9
* Usage:
* Download and install MQ Server from the above link
* Create a new Queue Manager
* Create a new channel (without SSL)
* Run the module
2018-10-28 16:09:17 +00:00
a23cb7dfe8
Add IBM WebSphere MQ Channel Name Bruteforce module
...
Uses a dictionary to bruteforce MQ channel names. For all identified channels it also returns if SSL is used and whether it is a server-connection channel.
* IBM Downloads page: https://developer.ibm.com/messaging/mq-downloads/
* Tested on IBM MQ 7.5, 8 and 9
* Usage:
** Download and install MQ Server
** Create a Queue Manager
** Create a new channel (without SSL)
** Run the module
2018-10-28 15:22:27 +00:00
370bcaf8d8
Update mercury_login.md
2018-10-28 09:49:15 +01:00
a34310095c
Update modules/exploits/windows/imap/mercury_login.md
...
Co-Authored-By: kr3bz <44395414+kr3bz@users.noreply.github.com >
2018-10-28 09:41:29 +01:00
bfd3a17c0e
Update modules/exploits/windows/imap/mercury_login.rb
...
Co-Authored-By: kr3bz <44395414+kr3bz@users.noreply.github.com >
2018-10-28 09:41:14 +01:00
5efbefdaea
Update mercury_login.md
2018-10-28 09:37:47 +01:00
2839a73cbd
Update mercury_login.rb
2018-10-28 09:35:15 +01:00
52fee303d4
Remove the size restriction from payload_inject
2018-10-27 21:26:09 -04:00
caf76a6555
Add applicable notes to my exploit modules
2018-10-27 20:54:14 -04:00
c61737bb18
Update mercury_login.md
2018-10-27 20:52:54 +02:00
239632ca03
Update mercury_login.md
2018-10-27 20:52:24 +02:00
3cf8a01b55
Update mercury_login.md
2018-10-27 20:51:31 +02:00
965c2d5c01
Update modules/exploits/windows/imap/mercury_login.rb
...
Co-Authored-By: kr3bz <racic.ivan@gmail.com >
2018-10-26 13:37:37 +02:00
b4c005c4d4
Land #10561 , Add Windows local privilege escalation - CVE-2018-0824
...
Merge branch 'land-10561' into upstream-master
2018-10-25 13:22:31 -05:00
6b4e132f35
Create bypassuac_computerDefault.rb
2018-10-25 16:58:56 +02:00
280a714faf
Delete bypassuac_computerDefault.rb
2018-10-25 16:58:34 +02:00
e1a7c35834
Clean up check_banner
2018-10-25 05:20:20 -05:00
f90992dc08
Fix typo.
2018-10-25 17:55:01 +08:00
760b14e71d
Update the version match code.
2018-10-25 15:33:54 +08:00
2ab9a003d4
Land #10864 , Add Cisco WebEx RCE Modules
2018-10-24 16:20:00 -05:00
f52cbdf9d7
Change option types
2018-10-24 16:18:17 -05:00
4ec7e41f9e
Change option type
2018-10-24 16:16:03 -05:00
e84ba62740
Cosmetic changes for local/webexec
2018-10-24 16:13:47 -05:00
16d633fabd
Remove spaces before EOL
2018-10-24 11:04:41 -04:00
3729e9ed7b
added description, references
2018-10-24 09:46:00 -05:00
9f0c8a0929
Create bypassuac_computerDefault.rb
2018-10-24 15:06:07 +02:00
2e2d742ae7
Added updated mercury_login
...
Added additional space for the payload, made recommended changes, msftidy does not produce errors, readded null byte as a badchar.
2018-10-24 11:08:37 +02:00
458f635159
Add supported payloads to module description
2018-10-24 01:30:27 -05:00
839c4e0467
Drop rank to AverageRanking for now
2018-10-24 01:30:17 -05:00
37560760df
Add RequiredCmd for generic and telnet
2018-10-24 01:23:15 -05:00
ef2854c918
Use in-memory reflection for executing the payload
...
Use to_win32pe_psh_reflection() instead of to_win32pe_psh_net() in order to reduce the amount of processes and forensic artifacts created by this module.
2018-10-23 22:12:10 -04:00
d75c599929
Use ShellExecuteA to spawn eventvwr.exe
...
Use ShellExecuteA from railgun to spawn eventvwr.exe, as opposed to cmd /c. This reduces the amount of processes generated by this module.
2018-10-23 21:52:36 -04:00
da4b424780
Fix typo in cleanup message
2018-10-23 21:33:49 -04:00
569c2e03c9
Fix exploit relics and documentation
2018-10-23 17:15:34 -05:00
67f2933b58
Make fewer assumptions about Apache
...
Returning CheckCode::Safe is too aggressive for a supplemental check.
Admins can change the directive in top-level configuration, anyway.
2018-10-23 16:26:17 -05:00
d1111ace5d
fixes
2018-10-23 17:19:14 -04:00
34ae9c38f9
added WebEx modules, arch check
2018-10-23 15:51:23 -05:00
927a29530b
Remove duplicated files
2018-10-23 12:31:18 -05:00
65c0573738
Land #10848 , improve play_youtube post module
2018-10-23 12:26:55 -05:00
e992b63520
Land #10856 , add SSL support to php meterpreter
2018-10-23 11:59:09 -05:00
be2ec76ed2
Added modified mercury_login.rb
...
Modified the script with recommendations.
2018-10-23 17:17:30 +02:00
9c49acb924
Fail scanner instead of returning
2018-10-23 10:07:38 -05:00
58a1b65e60
Update Exploit::CheckCode::Unknown
...
Brain fart.
2018-10-23 09:34:48 -05:00
899238a4e3
Update libssh_auth_bypass with command output
2018-10-23 09:34:42 -05:00
c71bbc1019
Remove spaces that msftidy caught
2018-10-23 10:13:44 -04:00
0e7259040d
Update modules/exploits/windows/imap/mercury_login.rb
...
Co-Authored-By: kr3bz <racic.ivan@gmail.com >
2018-10-23 14:32:53 +02:00
903f5e9ede
Update modules/exploits/windows/imap/mercury_login.rb
...
Co-Authored-By: kr3bz <racic.ivan@gmail.com >
2018-10-23 14:32:44 +02:00
Brendan Coles